package com.guoxue.pay.alipay.sign;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

import javax.crypto.Cipher;

import org.apache.commons.codec.binary.Base64;




public class RSA {
	
	public static final String  SIGN_ALGORITHMS = "SHA1WithRSA";
	   
	 /**
	   * RSA签名
	   * @param content 待签名数据
	   * @param privateKey 商户私钥
	   * @param input_charset 编码格式
	   * @return 签名值
	   */
	   public static String sign(String content, String privateKey, String input_charset)
	   {
	        try 
	        {
	         byte[] decode = Base64.decodeBase64(privateKey.getBytes());
	         PKCS8EncodedKeySpec priPKCS8   = new PKCS8EncodedKeySpec(decode );
	           KeyFactory keyf= KeyFactory.getInstance("RSA");
	           PrivateKey priKey= keyf.generatePrivate(priPKCS8);

	            java.security.Signature signature = java.security.Signature.getInstance(SIGN_ALGORITHMS);

	            signature.initSign(priKey);
	            signature.update( content.getBytes(input_charset) );

	            byte[] signed = signature.sign();
	            
	            return new String(Base64.decodeBase64(signed));
	        }
	        catch (Exception e) 
	        {
	           e.printStackTrace();
	        }
	        
	        return null;
	    }
	   
	   /**
	   * RSA验签名检查
	   * @param content 待签名数据
	   * @param sign 签名值
	   * @param ali_public_key 支付宝公钥
	   * @param input_charset 编码格式
	   * @return 布尔值
	   */
	   public static boolean verify(String content, String sign, String ali_public_key, String input_charset)
	   {
	      try 
	      {
	         KeyFactory keyFactory = KeyFactory.getInstance("RSA");
	           byte[] encodedKey = Base64.decodeBase64(ali_public_key.getBytes());
	           PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
	         java.security.Signature signature = java.security.Signature
	         .getInstance(SIGN_ALGORITHMS);
	      
	         signature.initVerify(pubKey);
	         signature.update( content.getBytes(input_charset) );
	      
	         boolean bverify = signature.verify( Base64.decodeBase64(sign.getBytes()) );
	         return bverify;
	         
	      } 
	      catch (Exception e) 
	      {
	         e.printStackTrace();
	      }
	      
	      return false;
	   }
	   
	   /**
	   * 解密
	   * @param content 密文
	   * @param private_key 商户私钥
	   * @param input_charset 编码格式
	   * @return 解密后的字符串
	   */
	   public static String decrypt(String content, String private_key, String input_charset) throws Exception {
	        PrivateKey prikey = getPrivateKey(private_key);

	        Cipher cipher = Cipher.getInstance("RSA");
	        cipher.init(Cipher.DECRYPT_MODE, prikey);

	        InputStream ins = new ByteArrayInputStream(Base64.decodeBase64(content.getBytes()));
	        ByteArrayOutputStream writer = new ByteArrayOutputStream();
	        //rsa解密的字节大小最多是128，将需要解密的内容，按128位拆开解密
	        byte[] buf = new byte[128];
	        int bufl;

	        while ((bufl = ins.read(buf)) != -1) {
	            byte[] block = null;

	            if (buf.length == bufl) {
	                block = buf;
	            } else {
	                block = new byte[bufl];
	                for (int i = 0; i < bufl; i++) {
	                    block[i] = buf[i];
	                }
	            }

	            writer.write(cipher.doFinal(block));
	        }

	        return new String(writer.toByteArray(), input_charset);
	    }

	   
	   /**
	   * 得到私钥
	   * @param key 密钥字符串（经过base64编码）
	   * @throws Exception
	   */
	   public static PrivateKey getPrivateKey(String key) throws Exception {

	      byte[] keyBytes;
	      
	      keyBytes = Base64.decodeBase64(key.getBytes());
	      
	      PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
	      
	      KeyFactory keyFactory = KeyFactory.getInstance("RSA");
	      
	      PrivateKey privateKey = keyFactory.generatePrivate(keySpec);
	      
	      return privateKey;
	   }
	
}
